Threats to Data and Information Flashcards
any potential danger to information or systems.
threat
subject to serious threats that can have adverse effects on organizational operations (including missions, functions, image, or reputation), organizational assets, individuals, other organizations, and the government by compromising the confidentiality, integrity, or availability of information being processed, stored, or transmitted by those systems.
information systems
Threats to information systems include
environmental disruptions,
human errors
purposeful attacks.
Additional threats arise in the
system acquisition and code distribution processes
Serious security problems have also resulted from
discarded or stolen systems
It refers to the capability of an adversary coupled with his/her intentions to undertake any actions detrimental to the success of program activities or operations.
threat
It is a natural or man-made occurrence, individual, entity, or action that has or indicates the potential to harm life, information, operations, the environment, and/or property.
threat
It is a potential cause of an unwanted incident, which may result in harm to a system or organization.
threat
It refers to any circumstance or event with the potential to cause harm to a system in the form of destruction, disclosure, modification of data, and/or denial of service.
security
It is also any circumstance or event with the potential to adversely impact agency operations (including mission, functions, image, or reputation), agency assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service
security
It also refers to any circumstance or event with the potential to adversely impact organizational operations, organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
security
It also refers to any circumstance or event with the potential to intentionally or unintentionally exploit one or more vulnerabilities in a system resulting in a loss of confidentiality, integrity, or availability.
security
It is a potential cause of an incident that may result in harm to systems and the organization.
security
It is a potential undesirable event, malicious or not, of:
compromise
corruption
denial of service
(i.e., theft of valuable or sensitive information or services),
compromise
degradation/blocking of data, processing, or communications or an entity possessing the capability and intent to cause the above.
denial of service
It is any circumstance or event with the potential to adversely impact the essential clinical performance of the device, organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, or other organizations through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
medical device
Threats exercise vulnerabilities, which may impact the essential clinical performance of the device.
medical device
It is an intentional or unintentional potential event that could compromise the security and integrity of the system.
biometrics
measurement and statistical analysis of people’s unique physical and behavioral characteristics.
biometrics
Threats are implemented by
threat agents
It is also called a threat actor.
threat agent
It refers to any person or thing that acts (or has the power to act) to cause, carry, transmit, or support a threat.
threat agent
It also refers to an individual, group, organization, or government that conducts or has the intent to conduct detrimental activities.
threat agent
It is a system entity that performs a threat action, or an event that results in a threat action.
threat agent
examples of threat agents
an intruder accessing the network through a port on the firewall
a process accessing data in a way that violates the security policy
insiders (including system administrators and developers)
malicious hackers
an employee making an unintentional mistake that could expose confidential information or destroy a file’s integrity
a tornado wiping out a facility
organized crime
terrorists
nation states
It is about keeping data safe and affects anyone relying on a computer system
data security
If the data on a computer system is damaged, lost, or stolen, it can lead to disaster.
data security
6
keeping data secure
backup files
antivirus
log off after use
authorized personnel
passwords
safe file storage
6 key threats to data security
corrupted
hacked
lost
destroyed
deleted
damaged
10 Technical Data Threats
hacking
advanced persistent threats
malware
misuse
mobile devices
cloud computing
cracking
data leakage
errors
third parties/service providers
6 non-technical vulnerabilities
physical
insider threat
environmental
dumpster diving
social engineering
social media
refers to an unauthorized user gaining access to a computer or a network
hacking
a multi-billion dollar industry for cybercriminals and provides opportunities to extract data for political and monetary gains.
hacking
trying to get into computer systems in order to steal, corrupt, or illegitimately view data.
cracking
technique used to breach computer software or an entire computer security system, and with malicious intent.
cracking
strictly used in a criminal sense (i.e., it is hacking but evil).
cracking
reverse engineering of software, passwords or encryption, that could lead to unauthorized access to sensitive information.
cracking
disrupts computer operations, gathers sensitive information, or gains access to a computer system to compromise data and information.
malware
used to keep malware off of computers.
antivirus software
firewalls
examples of malware
viruses,
worms,
spyware,
ransomware,
keyloggers and
backdoors,
but in reality malware can be any program that operates against the requirements of the computer user.
Employees may take advantage of entrusted resources or privileges for a malicious or unintended purpose.
misuse
Included in this category are administrative abuse, policy violations, and use of non-approved assets.
misuse
system misconfigurations or programming errors can cause unauthorized access by cybercriminals.
errors
can occur in-house due to faulty programming, or hackers can find loopholes that can cause errors as well.
errors
Unauthorized electronic or physical transmission of data or information from within a company to an external destination or recipient could leave data in the wrong hands.
data leakage
Storing unencrypted sensitive data with lax access controls leaves data stored in the cloud vulnerable to improper disclosure.
cloud computing
With the growing number of organizations and people using cloud computers, it is more important now than ever before to protect your information against hackers.
cloud computing
carrying sensitive data can be lost or stolen, possibly causing data to fall into the wrong hands.
mobile devices
are structured cyberattacks to extort or damage companies whose websites or online assets are a major source of revenue.
availability attacks
a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time.
Advanced Persistent Threats (APT)
uses continuous and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged and potentially destructive period of time.
APT
Hackers attack computer systems while avoiding detection and harvesting valuable information over a long period of time.
APT
Theft, tampering, snooping, sabotage, vandalism, local device access, and assault can lead to a loss of data or information.
Physical
Natural events such as tornadoes, power loss, fires, and floods pose hazards to the infrastructure in which data assets are located.
environmental
Employees, contractors, or partners can commit fraud, espionage or theft of intellectual property.
insider threat
Employees often fall victim to scams or reveal information not intended for public knowledge on social media.
social media
Improper disposal of sensitive data could lead to improper disclosures of sensitive information just sitting in trash bins.
dumpster diving
Having internal procedures when disposing of sensitive documents is crucial in preventing this kind of a non-technical vulnerability.
dumpster diving
Attackers rely heavily on human interaction to gain access to company networks or systems, usually tricking users into breaking normal security procedures and revealing their account credentials.
social engineering
It is the art of manipulating people so they give up confidential information.
social engineering
10 Types of Information Security Threats for IT teams to know about
botnets
exploit kits
drive-by download attacks
distributed denial-of-service attacks
insider threats
viruses and worms
advanced persistent threat attacks
phishing attacks
ransomware
malvertising
It is a malicious act that aims to corrupt or steal data or disrupt an organization’s systems or the entire organization.
security threat
It refers to an occurrence during which company data or its network may have been exposed.
security event
It is an event that results in a data or network breach.
security incident
occurs when individuals close to an organization who have authorized access to its network intentionally or unintentionally misuse that access to negatively affect the organization’s critical data or systems.
insider threat
Careless employees who do not comply with their organizations’ business rules and policies
insider threat
source of insider threat
contractors
business partners
third party vendors
(malware) aimed at destroying an organization’s systems, data and network.
viruses and worms
is a malicious code that replicates by copying itself to another program, system or host file.
computer virus
is a self-replicating program that doesn’t have to copy itself to a host program or require human interaction to spread.
computer worm
collection of Internet-connected devices, including PCs, mobile devices, servers and IoT devices that are infected and remotely controlled by a common type of malware.
botnet
malicious code is downloaded from a website via a browser, application or integrated operating system without a user’s permission or knowledge.
drive-by download attacks
type of information security threat that employs social engineering to trick users into breaking normal security practices and giving up confidential information, including names, addresses, login credentials, Social Security numbers, credit card information and other financial information.
phishing attacks
multiple compromised machines attack a target, such as a server, website or other network resource, making the target totally inoperable.
DDoS attacks
the victim’s computer is locked, typically by encryption, which keeps the victim from using the device or data that are stored on it.
ransomware
programming tool that enables a person without any experience writing software code to create, customize and distribute malware.
exploit kit
a targeted cyberattack in which an unauthorized intruder penetrates a network and remains undetected for an extended period of time.
advanced persistent threat attacks
technique cybercriminals use to inject malicious code into legitimate online advertising networks and web pages.
malvertising
This code typically redirects users to malicious websites or installs malware on their computers or mobile devices.
malvertising